
Side by Side Diff: net/cert/x509_util_unittest.cc

Issue 27832002: Sign self-signed certs with SHA256. (Closed) Base URL: https://src.chromium.org/chrome/trunk/src/
Patch Set: Created 7 years, 2 months ago
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/cert/x509_util.h" 5 #include "net/cert/x509_util.h"
6 6
7 #include <algorithm> 7 #include <algorithm>
8 8
9 #include "base/memory/ref_counted.h" 9 #include "base/memory/ref_counted.h"
10 #include "base/memory/scoped_ptr.h" 10 #include "base/memory/scoped_ptr.h"
11 #include "base/time/time.h" 11 #include "base/time/time.h"
12 #include "crypto/hmac.h"
12 #include "crypto/rsa_private_key.h" 13 #include "crypto/rsa_private_key.h"
13 #include "net/cert/x509_certificate.h" 14 #include "net/cert/x509_certificate.h"
14 #include "testing/gtest/include/gtest/gtest.h" 15 #include "testing/gtest/include/gtest/gtest.h"
15 16
16 namespace net { 17 namespace net {
17 18
18 namespace x509_util { 19 namespace x509_util {
19 20
20 TEST(X509UtilTest, SortClientCertificates) { 21 TEST(X509UtilTest, SortClientCertificates) {
21 CertificateList certs; 22 CertificateList certs;
(...skipping 24 matching lines...) Expand all
46 EXPECT_EQ("older cert", certs[1]->subject().common_name); 47 EXPECT_EQ("older cert", certs[1]->subject().common_name);
47 ASSERT_TRUE(certs[2].get()); 48 ASSERT_TRUE(certs[2].get());
48 EXPECT_EQ("not yet valid", certs[2]->subject().common_name); 49 EXPECT_EQ("not yet valid", certs[2]->subject().common_name);
49 ASSERT_TRUE(certs[3].get()); 50 ASSERT_TRUE(certs[3].get());
50 EXPECT_EQ("expired", certs[3]->subject().common_name); 51 EXPECT_EQ("expired", certs[3]->subject().common_name);
51 ASSERT_FALSE(certs[4].get()); 52 ASSERT_FALSE(certs[4].get());
52 ASSERT_FALSE(certs[5].get()); 53 ASSERT_FALSE(certs[5].get());
53 } 54 }
54 55
55 #if defined(USE_NSS) || defined(OS_WIN) || defined(OS_MACOSX) 56 #if defined(USE_NSS) || defined(OS_WIN) || defined(OS_MACOSX)
56 // This test creates a self-signed cert from a private key and then verify the 57 // This test creates a self-signed cert and a private key and then verifies the
57 // content of the certificate. 58 // content of the certificate.
58 TEST(X509UtilTest, CreateSelfSigned) { 59 TEST(X509UtilTest, CreateKeyAndSelfSigned) {
59 scoped_ptr<crypto::RSAPrivateKey> private_key( 60 crypto::RSAPrivateKey* raw_key;
60 crypto::RSAPrivateKey::Create(1024));
61
62 ASSERT_TRUE(private_key.get());
63 61
64 std::string der_cert; 62 std::string der_cert;
65 ASSERT_TRUE(x509_util::CreateSelfSignedCert( 63 ASSERT_TRUE(x509_util::CreateKeyAndSelfSignedCert(
66 private_key.get(),
67 "CN=subject", 64 "CN=subject",
68 1, 65 1,
69 base::Time::Now(), 66 base::Time::Now(),
70 base::Time::Now() + base::TimeDelta::FromDays(1), 67 base::Time::Now() + base::TimeDelta::FromDays(1),
68 &raw_key,
71 &der_cert)); 69 &der_cert));
72 70
71 scoped_ptr<crypto::RSAPrivateKey> key(raw_key);
72 ASSERT_TRUE(key.get());
73
73 scoped_refptr<X509Certificate> cert(X509Certificate::CreateFromBytes( 74 scoped_refptr<X509Certificate> cert(X509Certificate::CreateFromBytes(
74 der_cert.data(), der_cert.size())); 75 der_cert.data(), der_cert.size()));
75 ASSERT_TRUE(cert.get()); 76 ASSERT_TRUE(cert.get());
76 77
77 EXPECT_EQ("subject", cert->subject().GetDisplayName()); 78 EXPECT_EQ("subject", cert->subject().GetDisplayName());
78 EXPECT_FALSE(cert->HasExpired()); 79 EXPECT_FALSE(cert->HasExpired());
80 }
79 81
80 cert = NULL; 82 // This test creates a self-signed cert from a private key and then verifies the
81 83 // content of the certificate.
84 TEST(X509UtilTest, CreateSelfSignedInternal) {
82 const uint8 private_key_info[] = { 85 const uint8 private_key_info[] = {
83 0x30, 0x82, 0x02, 0x78, 0x02, 0x01, 0x00, 0x30, 86 0x30, 0x82, 0x02, 0x78, 0x02, 0x01, 0x00, 0x30,
84 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 87 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7,
85 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x04, 0x82, 88 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x04, 0x82,
86 0x02, 0x62, 0x30, 0x82, 0x02, 0x5e, 0x02, 0x01, 89 0x02, 0x62, 0x30, 0x82, 0x02, 0x5e, 0x02, 0x01,
87 0x00, 0x02, 0x81, 0x81, 0x00, 0xb8, 0x7f, 0x2b, 90 0x00, 0x02, 0x81, 0x81, 0x00, 0xb8, 0x7f, 0x2b,
88 0x20, 0xdc, 0x7c, 0x9b, 0x0c, 0xdc, 0x51, 0x61, 91 0x20, 0xdc, 0x7c, 0x9b, 0x0c, 0xdc, 0x51, 0x61,
89 0x99, 0x0d, 0x36, 0x0f, 0xd4, 0x66, 0x88, 0x08, 92 0x99, 0x0d, 0x36, 0x0f, 0xd4, 0x66, 0x88, 0x08,
90 0x55, 0x84, 0xd5, 0x3a, 0xbf, 0x2b, 0xa4, 0x64, 93 0x55, 0x84, 0xd5, 0x3a, 0xbf, 0x2b, 0xa4, 0x64,
91 0x85, 0x7b, 0x0c, 0x04, 0x13, 0x3f, 0x8d, 0xf4, 94 0x85, 0x7b, 0x0c, 0x04, 0x13, 0x3f, 0x8d, 0xf4,
(...skipping 67 matching lines...) Expand 10 before | Expand all | Expand 10 after
159 0xc6, 0xa4, 0x92, 0xd1, 0xce, 0x6c, 0x72, 0xfb, 162 0xc6, 0xa4, 0x92, 0xd1, 0xce, 0x6c, 0x72, 0xfb,
160 0x21, 0xb3, 0x02, 0x87, 0xe4, 0xfd, 0x61, 0xca, 163 0x21, 0xb3, 0x02, 0x87, 0xe4, 0xfd, 0x61, 0xca,
161 0x00, 0x42, 0x19, 0xf0, 0xda, 0x5a, 0x53, 0xe3, 164 0x00, 0x42, 0x19, 0xf0, 0xda, 0x5a, 0x53, 0xe3,
162 0xb1, 0xc5, 0x15, 0xf3 165 0xb1, 0xc5, 0x15, 0xf3
163 }; 166 };
164 167
165 std::vector<uint8> input; 168 std::vector<uint8> input;
166 input.resize(sizeof(private_key_info)); 169 input.resize(sizeof(private_key_info));
167 memcpy(&input.front(), private_key_info, sizeof(private_key_info)); 170 memcpy(&input.front(), private_key_info, sizeof(private_key_info));
168 171
169 private_key.reset(crypto::RSAPrivateKey::CreateFromPrivateKeyInfo(input)); 172 scoped_ptr<crypto::RSAPrivateKey> private_key(
173 crypto::RSAPrivateKey::CreateFromPrivateKeyInfo(input));
170 ASSERT_TRUE(private_key.get()); 174 ASSERT_TRUE(private_key.get());
171 175
172 ASSERT_TRUE(x509_util::CreateSelfSignedCert( 176 std::string der_cert;
177 ASSERT_TRUE(x509_util::CreateSelfSignedCertInternal(
173 private_key.get(), 178 private_key.get(),
179 crypto::HMAC::SHA1,
174 "CN=subject", 180 "CN=subject",
175 1, 181 1,
176 base::Time::Now(), 182 base::Time::Now(),
177 base::Time::Now() + base::TimeDelta::FromDays(1), 183 base::Time::Now() + base::TimeDelta::FromDays(1),
178 &der_cert)); 184 &der_cert));
179 185
180 cert = X509Certificate::CreateFromBytes(der_cert.data(), der_cert.size()); 186 scoped_refptr<X509Certificate> cert =
187 X509Certificate::CreateFromBytes(der_cert.data(), der_cert.size());
181 ASSERT_TRUE(cert.get()); 188 ASSERT_TRUE(cert.get());
182 189
183 EXPECT_EQ("subject", cert->subject().GetDisplayName()); 190 EXPECT_EQ("subject", cert->subject().GetDisplayName());
184 EXPECT_FALSE(cert->HasExpired()); 191 EXPECT_FALSE(cert->HasExpired());
185 } 192 }
186 #endif 193 #endif
187 194
188 } // namespace x509_util 195 } // namespace x509_util
189 196
190 } // namespace net 197 } // namespace net
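Review bot: CreateSelfSignedInternal (new lines 177-184) passes `crypto::HMAC::SHA1` to `CreateSelfSignedCertInternal` and then checks only the subject name and expiry, so nothing visible on this page exercises or asserts the SHA-256 signing that the issue title describes. If the SHA-1 argument is deliberate (the reason is not visible here), a comment above the call such as `// SHA-1 is passed here only because <reason>; the public entry points sign with SHA-256.` would record that. Otherwise, consider repeating the call with `crypto::HMAC::SHA256` and, if the parsed certificate exposes its signature algorithm, asserting on it so that a regression to SHA-1 fails this test. The same gap applies to CreateKeyAndSelfSigned (new lines 59-80), which exercises the default path but does not check which digest was used.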